- do not use the term 'cross-signing keys' anymore: Previously, the term
'cross-signing keys' was used to refer to the master, user-signing and
self-signing keys. This is not ideal since the master key is used for
cross-signing but may also be used to sign the backup key, for example.
In these contexts, the master key is not used for cross-signing.
The term 'cross-signing keys' has therefor been replaced by 'keys used
for cross-signing' or, more explicitely, by 'master, user-signing and
self-signing key'.
- the naming of the master key has been harmonised (no more 'master
cross-signing key' or 'master signing keys'). Also the abbr. 'MSK' has been
replaced by 'MK'.
- in the QR code example, the term 'cross-signing key' has been replaced
by 'master key' since in mode 0x00, the current user's own master key and
what the device thinks the other user's master key is used.
- it has been made more explicit that private keys used for cross-signing can
be stored on the server are stored as described in the secrets module (as
opposed to store them in unencrypted form)
Signed-off-by: codedust <codedust@so.urceco.de>
* Include method in all API endpoint children's IDs
Avoids duplicate IDs for object of endpoints
that use the same path but a different method.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate API endpoints' request and response children's IDs
Ensures that the objects have a unique ID compared to other parts of the endpoint.
Mostly useful for the Error type that can be used for responses with different status codes.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Differentiate the names of both SessionData formats
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
Also, some other editorial improvements, including factoring out our two definitions of the same key encoding algorithm.
Co-authored-by: Travis Ralston <travisr@matrix.org>
* clarify otk and fallback key types in examples
- remove unsigned curve25519 keys from examples because we don't use those for
otks and fallback keys
- add missing `device_unused_fallback_key_types` property, which is required
* add changelog
* Clarify that the key backup MAC is implemented incorrectly
Due to a bug in libolm, all implementations of the
m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly
pass an empty string through HMAC-SHA-256 to generate the `mac` property
of the `session_data`.
It was intended for the entire raw encrypted data to be passed through
HMAC-SHA-256, but the issue was caught too late in the process, and thus
we are stuck with this until a new key backup algorithm is introduced.
This commit clarifies the real-world behavior of all current
implementations.
Signed-off-by: Sumner Evans <sumner@beeper.com>
Was previously using <a name="..."> elements which just
add another anchor rather than changing the existing one.
They also use a deprecated HTML attribute and in some cases
broke the header display.
Fixes#1572.
Signed-off-by: Midnight Veil <midnightveil@fea.st>
The link checker doesn't understand that we dynamically re-assign element IDs
at load time, so was failing for a few links that were technically valid
(though presumably still broken for any client not using JS).
Work around this by manually setting a few anchors, linking to other nearby
bits of text, or just changing heading titles.
* Update several spots where C-S API was still using r0 APIs
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Add changelog
Signed-off-by: Aaron Raimist <aaron@raim.ist>
codedust